Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Endpoint Standard: How to Run an On Demand Scan With RepCLI

Endpoint Standard: How to Run an On Demand Scan With RepCLI


  • Carbon Black Cloud Windows Sensor: 3.3.x.x and Higher
    • Endpoint Standard
  • Microsoft Windows: All Supported Versions


Run an expedited on-demand scan on entire drives or specific directories with the RepCLI utility


  1. Log into the machine with a user account that matches the AD User or Group SID configured at the time of sensor install
  2. Launch a Command Prompt
  3. Change directory to C:\Program Files\Confer
  4. Run the following command
    repcli ondemandscan [directory path]
  5. Progress can be tracked with the "repcli status" command, which includes scan information under the General Info section
    C:\Program Files\Confer> repcli status
    General Info:
            Sensor Version[]
            Local Scanner Version[ - ave.]
            Sensor State[Enabled]
            Kernel File Filter[Connected]
            Background Scan[Expedited Scan]
            Total Files Processed[2025]  Current Directory[C:\Program Files\Common Files\VMware\InstallerCache]

Additional Notes

  • The OnDemandScan will run as an expedited scan, which means the scan will run faster than a normal background scan and may impact performance.
  • The OnDemandScan will not directly remove known malware.  The results will be the same as the background scan that ran after Sensor install. 
  • The OnDemandScan will run on the specified directory and and generate file hashes and reputation lookups. This data will be stored in a local database for future file lookups.
  • Any on-demand scans launched by RepCLI will be logged in the Windows Application Logs under Event ID 17.
  • if do not specify a path argument, the sensor will scan all "fixed" drives by default.
  • The sensor will not scan any external or USB drives.
  • The OnDemandScan will only run on the contents of a specified directory or Drive, it can not run on individual files.

Related Content

Was this article helpful? Yes No
67% helpful (2/3)
Article Information
Creation Date: